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Dear Sir: 

PRE- APPEAL BRIEF REQUEST FOR REVIEW 

The following Pre-Appeal Brief Request for Review is being filed in accordance with 
the provisions set forth in the Official Gazette Notice of July 12, 2005 ("OG Notice"). 
Pursuant to the OG Notice, this Request is being filed concurrently with a Notice of Appeal. 
Applicants respectfully request reconsideration of the rejection of all claims in the 
Application. 

In the prosecution of the present Application, the PTO's rejections and assertions 
contain clear errors of law. Most notable of the legal errors present in the examination of the 
Application is a failure of the Final Office Action (the "Final Office Action") to establish a 
prima facie rejection of at least independent Claims 1 and 8 and dependent Claims 7 and 14. 
In this Pre-Appeal Brief Request for Review, Applicants request panel review of independent 
Claims 1 and 8 and dependent Claims 7 and 14, which are rejected in the Final Office Action 
as being obvious over U.S. Patent Application Publication No. 2006/0059107 issued to 
Elmore et al. {"Elmore") in view of U.S. Patent Application Publication No. 2004/0002955 
issued to Gadbois et al. ("Gadbois"), and further in view of U.S. Patent Application 
Publication No. 2008/0109897 issued to Moran et al. ("Moran"). 
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I. The proposed Elmore-Gadbois-Moran combination does not disclose, teach, or 
suggest "matching a distinguished name associated with the user and at least a 
portion of the distinguished name associated with the object" and "providing the 
user access to the object in response to matching the distinguished name 
associated with the object and the distinguished name associated with the user" 

As at least a first point of error, the rejections of independent Claims 1 and 8 and 
dependent Claims 7 and 14 are deficient at least because the proposed Elmore-Gadbois- 
Moran combination does not disclose, teach, or suggest "matching a distinguished name 
associated with the user and at least a portion of the distinguished name associated with the 
object" and "providing the user access to the object in response to matching the distinguished 
name associated with the object and the distinguished name associated with the user." In the 
Office Action, the Examiner acknowledges that the recited claim elements are not disclosed in 
Elmore in view of Gadbois. (Final Office Action, page 3). It is the Examiner's position, 
however, that the additional disclosure of Moron discloses Applicants 5 "matching" and 
"providing" steps. (Final Office Action, page 3). Applicants respectfully disagree. 

Moran discloses that "Access Control Lists (ACLs) are used to describe the permitted 
actions (permissions) on protected network computer system resources or objects associated 
with a client or user identity." (Moran, Abstract). Specifically, Moran discloses that an 
"Authorization Service (21) uses a central database that lists all resources in the secure 
domain and the ACL and POP policies assigned (attached) to each resource." (Moran, page 
3, paragraph 60). According to Moran, "[t]his master authorization policy (31) database and 
the user registry (containing user and group accounts) are the key components that help 
define a network security policy." (Moran, page 3, paragraph 60). Moran further discloses 
that the "ACL policy is made up of one or more entries that include user specific permissions 
or rights." (Moran, page 3, paragraph 62). "ACL policies provide the Authorization Service 
with information to make a "yes" or "no" answer on a specific request to access a protected 
object, and to perform some operation on that object." (Moran, page 3, paragraph 62). An 
example ACL is shown in Figure 5 and merely includes "user and group designations, and 
their specific permissions." (Moran, page 4, paragraph 70). Thus, Moran merely relates to 
storing in a central database a list that identifies a user by user name and associates with the 
user name the objects that the user has permission to access. 

For modification of an object by a user, Moran discloses: 
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When a client or user initially requests permission to perform an action on 
a protected object, such as requesting to "read" or "modify" a protected 
system file, the client's ID is first authenticated by the authentication 
service. This results in a set of credentials being created, including the 
authenticated user's ID or user name, a list of user groups to which the 
user may belong, the name of the protected object being requested, and the 
action being requested. For example, the credentials and authorization 
request for Bill Smith of ABC Corporation . . . attempting to "modify" a 
protected system file "ABC_401k_summaries" may contain parameters 
such as: 

B_Smith, ABC_employees ? "modify", "ABC_401k_summaries". 

{Moran, page 3, paragraphs 46-47). After the creation of the credentials and authorization 
request, Moran discloses that the "user ID From the authenticated credentials is matched (91) 
with the requested protected object's ACL entries." {Moran, page 6, paragraph 115). Thus, 
according to the disclosure of Moran, the Authorization Service receives a user request 
identifying a user by a user name and a requested object. Then, "the userlD from the 
authenticated credentials is matched (91) with the requested protected object's ACL entries." 
{Moran, page 6, paragraph 115). Thus, the Authorization Service looks up the user name in 
the ACL, which is stored in a centralized database. "The permissions granted (93) are those 
in the matching entry or entries." {Moran, page 6, paragraph 115). 

Accordingly, the "matching" referred to in Moran merely includes identifying a list 
associated with an object and then determining if a user's name is on that list. Thus, at most 
Moran discloses matching the name of a requested object with the name an associated ACL 
list. A determination is then made as to whether the user requesting the operation is included 
in the list. Applicants respectfully submit that accessing a list that includes a user name and a 
user object to which that user has access is not analogous to "matching a distinguished name 
associated with the user and at least a portion of the distinguished name associated with 
the object" and "providing the user access to the object in response to matching the 
distinguished name associated with the object and the distinguished name associated with 
the user," as recited in Claims 1 and 8 and dependent Claims 7 and 14. There is no disclosure 
in Moran that one would be able to match the name of the user with at least a portion of the 
name of the object. In fact, and as discussed above, Moran actually discloses the credentials 
and authorization request for Bill Smith of ABC Corporation . . . attempting to "modify" a 
protected system file "ABC_401k_summaries" merely include "B_Smith, ABC employees, 
"modify", "ABC_401k_summaries". Thus, the name of the user is "Bill Smith" or 
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"B_Smith" and the name of the file is "ABC_401 ^summaries." The name of the file 
"ABC_401k_summaries" does not include the name of the user and cannot be matched with 
"BSmith." Accordingly, Moran and the proposed Elmore-Gadbois-Moran combination 
does not disclose, teach, or suggest "matching a distinguished name associated with the user 
and at least a portion of the distinguished name associated with the object" and 
"providing the user access to the object in response to matching the distinguished name 
associated with the object and the distinguished name associated with the user," as recited 
in Claims 1 and 8 and dependent Claims 7 and 14. 

For at least these reasons, Applicants request reconsideration and allowance of 
independent Claims 1 and 8 and dependent Claims 7 and 14. 

II. The proposed Elmore-Gadbois-Moran combination does not disclose, teach, or 
suggest "providing a Distinguished Name of an object revealing a chain of 
ownership and control for the object" 

As at least a second point of error, the rejections of dependent Claims 7 and 14 are 
deficient at least because the proposed Elmore-Gadbois-Moran combination does not 
disclose, teach, or suggest "providing a Distinguished Name of an object revealing a chain of 
ownership and control for the object." In the Office Action, the Examiner acknowledges that 
the recited claim elements are not disclosed in Elmore. {Final Office Action, page 6). It is 
the Examiner's position, however, that the additional disclosure of Gadbois discloses 
Applicants' steps recited in Claims 7 and 14. {Final Office Action, page 6). Applicants 
respectfully disagree. 

Gadbois discloses that within a DIT, "[a] first tier or set of nodes coupled to the host 
node include a set of nodes representative of organizations." {Gadbois, page 3, paragraph 
27). Beneath the organization nodes, the DIT includes "a number of interior sub-nodes which 
contain further information, or links to further information, regarding the respective 
organization." {Gadbois, page 3, paragraph 28). As illustrated in Figure 2, these sub-nodes 
include "Groups," "Business Services," and "Publisher Assertions" associated with the 
Organization. However, while Gadbois discloses that nodes are organized by organization, 
there is no disclosure in Gadbois that a name of an object reveals the chain of ownership and 
control for the object. For example, there is no disclosure that the Distinguished Names of 
each of "Groups," "Business Serves," or "Publisher Assertions" specifically reveal the 
ownership and control for those objects. In fact, Gadbois is silent as to the naming of the 
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sub-nodes. Accordingly, Gadbois and the proposed Elmore-Gadbois-Moran combination 
does not disclose, teach, or suggest "providing a Distinguished Name of an object 
revealing a chain of ownership and control for the object," as recited in Claims 7 and 14. 



For the reasons discussed above, Applicants respectfully contend that the proposed 
Elmore-Gadbois-Moran combination is deficient with respect to at least independent Claims 
1 and 8 and dependent Claims 7 and 14. As the rejections of at least these claims contain 
clear deficiencies, Applicants respectfully request a finding of allowance of independent 
Claims 1 and 8 and dependent Claims 7 and 14. To the extent necessary, the Commissioner is 
hereby authorized to charge any fees or credit any overpayments to Deposit Account No. 02- 
0384 of Baker Botts LLP. 



CONCLUSION 



Respectfully submitted, 




BAKER BOTTS L.L.P. 
Attorneys for Applicants 
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Re^No. 52,038 
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